Overview

overview

10

Static

static

10

3711caf741...64.exe

windows7_x64

8

3711caf741...64.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3711caf74167cae35d4c23e7029680d496c3cda1ac195a8620165b21fc918d64

  • Size

    23KB

  • Sample

    220520-1tks8shdhq

  • MD5

    c09fcff493dd614093ea92ca607b9e8b

  • SHA1

    da07efbdefcff230310d6fe7d00a13d668dfdeaa

  • SHA256

    3711caf74167cae35d4c23e7029680d496c3cda1ac195a8620165b21fc918d64

  • SHA512

    c86ce55bc1311184b6d9cd53021d354500fed3054544a6e715d3824cc3e70cf224a2df3d83517989ab6334e04ff1843b4ac7432b36da4aa8c1a2d59a46f970e5

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

abbas3.ddns.net:1166

Mutex

44a7267de293465787120369e65b1be2

Attributes
  • reg_key

    44a7267de293465787120369e65b1be2

  • splitter

    |'|'|

Targets

    • Target

      3711caf74167cae35d4c23e7029680d496c3cda1ac195a8620165b21fc918d64

    • Size

      23KB

    • MD5

      c09fcff493dd614093ea92ca607b9e8b

    • SHA1

      da07efbdefcff230310d6fe7d00a13d668dfdeaa

    • SHA256

      3711caf74167cae35d4c23e7029680d496c3cda1ac195a8620165b21fc918d64

    • SHA512

      c86ce55bc1311184b6d9cd53021d354500fed3054544a6e715d3824cc3e70cf224a2df3d83517989ab6334e04ff1843b4ac7432b36da4aa8c1a2d59a46f970e5

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks